Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for GCP Cloud DNS

GCP Cloud DNS
GCP Cloud DNS icon

Coralogix Extension For GCP Cloud DNS Includes:

Alerts - 4

Stay on top of GCP Cloud DNS key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

A New DNS Record Set was Created

This alert gets triggered when a new DNS record set is created. Impact Utilizing a DNS zone, a malicious actor can generate personalized DNS records and adjust various DNS settings to influence the resolution of domain names and subdomains. Mitigation Regularly inspect your DNS records to identify any unauthorized or malicious entries that might have been established. Implement access controls and authentication measures to restrict the individuals with permission to create DNS records in GCP. This practice aids in preventing unauthorized users from creating DNS records that could potentially be exploited to launch attacks against your system. MITRE Tactic: TA0005 MITRE Technique: T1578'

A DNS Zone was Created

This alert gets triggered when a DNS zone is created. Impact By manipulating a DNS zone, an adversary can craft customized DNS records and adjust various DNS settings to influence the resolution of domain names and subdomains. Mitigation Regularly monitor your DNS zones to identify any unauthorized or maliciously created DNS zones. This proactive approach enables early detection and response to potential DNS zone attacks, preventing significant damage. Implement access controls and authentication measures to restrict permissions for creating DNS zones in GCP to authorized users. MITRE Tactic: TA0005 MITRE Technique: T1578'

A DNS Zone was Deleted

This alert gets triggered when a DNS zone is deleted. Impact Services or applications relying on DNS records from the deleted zone would lose the ability to resolve DNS queries. This may result in users being unable to access the services or applications, or it could lead to additional issues if these services or applications depend on DNS records for other functionalities. Mitigation Regularly check your DNS zones for any signs of unauthorized or maliciously deleted DNS zones. This proactive monitoring approach enables early detection and response to potential DNS zone attacks, minimizing the risk of significant damage. Implement access controls and authentication measures to restrict the creation of DNS zones in GCP to authorized users. MITRE Tactic: TA0003 MITRE Technique: T1098'

An Existing DNS Record Set was Deleted

This alert gets triggered when a DNS record set is deleted. Impact All DNS records linked to the zone, including those associated with its subdomains, would be removed. This may pose challenges if there are active services or websites dependent on DNS records within the affected zone. Mitigation Regularly scrutinize your DNS records for the identification of unauthorized or malicious entries. Employ access controls and authentication measures to restrict those authorized to create DNS records in GCP, thereby preventing unauthorized users from generating records that could be exploited for system attacks. Additionally, contemplate the implementation of a DNS backup and recovery system as a safeguard against inadvertent or malicious deletions of DNS records. This ensures a prompt restoration process in case of record deletion or loss. MITRE Tactic: TA0003 MITRE Technique: T1098'

Integration

Learn more about Coralogix's out-of-the-box integration with GCP Cloud DNS in our documentation.

Read More
Schedule Demo